<?php

include_once dirname(__FILE__).'/class/functions.php';
include_once dirname(__FILE__).'/class/user.class.php';


$a = session_id();
if(empty($a))
    session_start();
$logat = is_logat();
$db=new stdb();
mysql_safer();
?>

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="icon" href="favicon.jpg" type="image/gif" sizes="16x16" /> 
        <link rel="stylesheet" type="text/css" href="./style/style.css" />
        <title>Modifica</title>
    </head>
<body>
    <? 
      what_header();
      footer();
        ?>
        <div id="content">
            <div id="content_inside">
                    <div id="content_inside_sidebar">
                        <ul>
                            <li><a href ="index.php"> Home</a><br />
                            </li><li><a href ="cauta.php"> Cautare</a><br /></li>
                            <li><a href ="rezervare.php"> Rezervari</a><br /></li>                   
                                           
                         </ul>
                                 
                    </div>
            <div id="content_inside_main">
<?php
if($logat == 0)
    die("Nu v-ati logat");

if ($_POST['campul']=='' || $_POST['nou']=='' )
    die("Completati campurile ");

if(isset($_GET['id'])&&( $_SESSION['logat'] == "admin" )) $uid=$_GET['id'];
    else $uid = $_SESSION['id'];    


$sql_command="";
if($_POST['campul'] == "username" )
    $sql_command="Update utilizatori Set $_POST[campul] = '" . $_POST['nou'] ."'  Where ID = ". $uid."";

if($_POST['campul'] == "parola" )
    $sql_command="Update utilizatori Set ".$_POST["campul"]." = '" . md5(md5($_POST['nou'])) ."'  Where ID = ". $uid."";

if($_POST['campul'] == "Nume" || $_POST['campul'] == "Prenume" || $_POST['campul'] == "Facultate" || $_POST['campul'] == "An" || $_POST['campul'] == "Specialitate")
    $sql_command="Update detalii_utilizatori Set ".$_POST['campul']." = '".$_POST['nou']."' Where ID=" .$uid ."";
//echo $sql_command;
if($_POST['campul'] == "telefon")
    $sql_command="Update carte_telefon Set ".$_POST[campul]." = '".$_POST[nou]."' Where ID=" .$uid."";

$result=$db->q($sql_command);
if(!$result)
    die("Eroare");
else
    echo "Modificare reusita!";

if(isset($_SESSION['link_list'][1])) $link=$_SESSION['link_list'][1];
    else $link=$path ."contul_meu.php";
?>
                
                <script> 
                            
                           setTimeout(function(){document.location="<? echo $link; ?>"},3000);
            </script>
</body>

</html>